Multiple SQL injection vulnerabilities in view_all_bug_page.php in MantisBT before 1.2.18 allow remote attackers to execute arbitrary SQL commands via the (1) sort or (2) dir parameter to view_all_set.php.
The check_diskio plugin 3.2.6 and earlier for Nagios and Icinga allows local users to write to arbitrary files via a symlink attack on a temporary file with a predictable name (tmp/check_diskio_status-*-*).
Directory traversal vulnerability in services/getfile.php in the Paid Memberships Pro plugin before 1.7.15 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the QUERY_STRING in a getfile action to wp-admin/admin-ajax.php.
Directory traversal vulnerability in the dp_img_resize function in php/dp-functions.php in the DukaPress plugin before 2.5.4 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the src parameter to lib/dp_image.php.
Cross-site request forgery (CSRF) vulnerability in Xavoc Technocrats xEpan CMS 126.96.36.199, 1.0.4, 1.0.1, and earlier allows remote attackers to hijack the authentication of administrators for requests that create new administrative accounts via a crafted request to the owner/users page.
The management portal in ARRIS VAP2500 before FW08.41 allows remote attackers to obtain credentials by reading the configuration files.
ARRIS VAP2500 before FW08.41 does not properly validate passwords, which allows remote attackers to bypass authentication.
Unspecified vulnerability in the management portal in ARRIS VAP2500 before FW08.41 allows remote attackers to execute arbitrary commands via unknown vectors.